Search Results (83944 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2020-4681 1 Ibm 1 Security Guardium 2024-11-21 5.4 Medium
IBM Security Guardium 11.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 186427.
CVE-2020-4680 1 Ibm 1 Security Guardium 2024-11-21 5.4 Medium
IBM Security Guardium 11.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 186426.
CVE-2020-4679 1 Ibm 1 Security Guardium 2024-11-21 4.8 Medium
IBM Security Guardium 11.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 186424.
CVE-2020-4672 1 Ibm 1 Business Automation Workflow 2024-11-21 5.4 Medium
IBM Business Automation Workflow 20.0.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 186285.
CVE-2020-4666 1 Ibm 1 Engineering Requirements Quality Assistant On-premises 2024-11-21 5.4 Medium
IBM Engineering Requirements Quality Assistant On-Premises is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 186281.
CVE-2020-4664 1 Ibm 1 Engineering Requirements Quality Assistant On-premises 2024-11-21 5.4 Medium
IBM Engineering Requirements Quality Assistant On-Premises is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 186235.
CVE-2020-4663 1 Ibm 1 Engineering Requirements Quality Assistant On-premises 2024-11-21 5.4 Medium
IBM Engineering Requirements Quality Assistant On-Premises is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 186234.
CVE-2020-4658 5 Hp, Ibm, Linux and 2 more 7 Hp-ux, Aix, I and 4 more 2024-11-21 6.1 Medium
IBM Sterling File Gateway 2.2.0.0 through 6.0.3.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 186095.
CVE-2020-4657 5 Hp, Ibm, Linux and 2 more 7 Hp-ux, Aix, I and 4 more 2024-11-21 6.1 Medium
IBM Sterling B2B Integrator 5.2.0.0 through 6.0.3.2 Standard Edition is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 186094.
CVE-2020-4645 1 Ibm 1 Planning Analytics Local 2024-11-21 5.4 Medium
IBM Planning Analytics Local 2.0.0 through 2.0.9.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 185717.
CVE-2020-4636 2 Ibm, Linux 2 Resilient Security Orchestration Automation And Response, Linux Kernel 2024-11-21 7.2 High
IBM Resilient OnPrem 38.2 could allow a privileged user to inject malicious commands through Python3 scripting. IBM X-Force ID: 185503.
CVE-2020-4631 2 Ibm, Microsoft 2 Spectrum Protect Plus, Windows 2024-11-21 5.5 Medium
IBM Spectrum Protect Plus 10.1.0 through 10.1.6 agent files, in non-default configurations, on Windows are assigned access to everyone with full control permissions, which could allow a local user to cause interruption of the service operations. IBM X-Force ID: 185372.
CVE-2020-4625 1 Ibm 1 Cloud Pak For Security 2024-11-21 5.3 Medium
IBM Cloud Pak for Security 1.3.0.1(CP4S) could allow a remote attacker to obtain sensitive information, caused by the failure to set the HTTPOnly flag. A remote attacker could exploit this vulnerability to obtain sensitive information from the cookie.
CVE-2020-4622 1 Ibm 1 Data Risk Manager 2024-11-21 7.5 High
IBM Data Risk Manager (iDNA) 2.0.6 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 184983.
CVE-2020-4615 1 Ibm 1 Data Risk Manager 2024-11-21 5.4 Medium
IBM Data Risk Manager (iDNA) 2.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 184928.
CVE-2020-4587 1 Ibm 2 Connect\, Sterling Connect\ 2024-11-21 7.8 High
IBM Sterling Connect:Direct for UNIX 4.2.0, 4.3.0, 6.0.0, and 6.1.0 is vulnerable to a stack based buffer ovreflow, caused by improper bounds checking. A local attacker could manipulate CD UNIX to obtain root provileges. IBM X-Force ID: 184578.
CVE-2020-4578 5 Hp, Ibm, Linux and 2 more 8 Hp-ux, Aix, I and 5 more 2024-11-21 5.4 Medium
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 184433.
CVE-2020-4575 1 Ibm 2 Websphere Application Server, Websphere Virtual Enterprise 2024-11-21 6.1 Medium
IBM WebSphere Application Server ND 8.5 and 9.0, and IBM WebSphere Virtual Enterprise 7.0 and 8.0 are vulnerable to cross-site scripting when High Availability Deployment Manager is configured.
CVE-2020-4564 1 Ibm 2 Sterling B2b Integrator, Sterling File Gateway 2024-11-21 5.4 Medium
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.0.3.1 and IBM Sterling File Gateway 2.2.0.0 through 6.0.3.1 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 183933.
CVE-2020-4560 1 Ibm 1 Financial Transaction Manager 2024-11-21 6.1 Medium
IBM Financial Transaction Manager 3.2.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.